Texas Instruments CC2650DK ユーザーズマニュアル
AES Cryptoprocessor Overview
When writing a new mode without writing the length registers, the length register values from the previous
context is reused.
context is reused.
10.1.4.5.4 Data Input/Output Registers
The [AESDATAINx] and [AESDATAOUTx] data registers are typically accessed through DMA and not with
host writes and reads. However, for debugging purposes, the Data Input and Output Registers can be
accessed through host write and read operations. The registers buffer the input and output data blocks to
and from the crypto core.
host writes and reads. However, for debugging purposes, the Data Input and Output Registers can be
accessed through host write and read operations. The registers buffer the input and output data blocks to
and from the crypto core.
NOTE:
The data input buffer [AESDATAINx] and data output buffer [AESDATAOUTx] are mapped to
the same address locations.
Writes (both DMA and host) to these addresses load the input buffer, while reads pull from the output
buffer. Therefore, for write access, the data input buffer is written; for read access, the data output buffer
is read. The data input buffer must be written prior to starting an operation. The data output buffer
contains valid data on completion of an operation. Therefore, any 128-bit data block can be split over
multiple 32-bit word transfers; these can be mixed with other host transfers over the external interface.
buffer. Therefore, for write access, the data input buffer is written; for read access, the data output buffer
is read. The data input buffer must be written prior to starting an operation. The data output buffer
contains valid data on completion of an operation. Therefore, any 128-bit data block can be split over
multiple 32-bit word transfers; these can be mixed with other host transfers over the external interface.
For normal operations, this register is not used, because data input and output is transferred from and to
the AES core through DMA. For a host write operation, these registers must be written with the 128-bit
input block for the next AES operation. Writing at a word-aligned offset within this address range stores
the word (4 bytes) of data into the corresponding position of 4-word deep (16 bytes = 128-bit AES block)
data-input buffer. This buffer is used for the next AES operation. If the last data block is not completely
filled with valid data, it can write only the words with valid data. Finally, the AES operation is triggered by
writing the AESCTL.INPUT_RDY.
the AES core through DMA. For a host write operation, these registers must be written with the 128-bit
input block for the next AES operation. Writing at a word-aligned offset within this address range stores
the word (4 bytes) of data into the corresponding position of 4-word deep (16 bytes = 128-bit AES block)
data-input buffer. This buffer is used for the next AES operation. If the last data block is not completely
filled with valid data, it can write only the words with valid data. Finally, the AES operation is triggered by
writing the AESCTL.INPUT_RDY.
For a host read operation, this register contains the 128-bit output block from the latest AES operation.
Reading from a word-aligned offset within this address range will read one word (4 bytes) of data out the
4-word deep (16 bytes = 128-bits AES block) data output buffer. The words (4 words, one full block)
should be read before the core will move the next block to the data output buffer. To empty the data
output buffer, AESCTL.OUTPUT_RDY must be written.
Reading from a word-aligned offset within this address range will read one word (4 bytes) of data out the
4-word deep (16 bytes = 128-bits AES block) data output buffer. The words (4 words, one full block)
should be read before the core will move the next block to the data output buffer. To empty the data
output buffer, AESCTL.OUTPUT_RDY must be written.
For the modes with authentication (CBC-MAC and CCM), the invalid (message) bytes/words can be
written with any data.
written with any data.
NOTE:
AES typically operates on a 128-bit block with multiple input data. The CTR and CCM modes
form an exception. The last block of a CTR-mode message may contain less than 128 bits
(refer to [NIST 800-38A]): 0 < n < = 128 bits. For CCM, the last block of both AAD and
message data may contain less than 128 bits (refer to [NIST 800-38D]). The AES module
automatically pads or masks misaligned ending data blocks with zeroes for CCM and
CBC-MAC. For CTR mode, the remaining data in an unaligned data block is ignored. The
AAD or authentication only data is not copied to the output buffer but only used for
authentication.
(refer to [NIST 800-38A]): 0 < n < = 128 bits. For CCM, the last block of both AAD and
message data may contain less than 128 bits (refer to [NIST 800-38D]). The AES module
automatically pads or masks misaligned ending data blocks with zeroes for CCM and
CBC-MAC. For CTR mode, the remaining data in an unaligned data block is ignored. The
AAD or authentication only data is not copied to the output buffer but only used for
authentication.
Table 10-7. Input/Output Block Format Per Operating Mode
Operation
Data Input Buffer
Data Output Buffer
ECB/CBC encrypt
128-bit plaintext block
128-bit ciphertext block
ECB/CBC decrypt
128-bit ciphertext block
128-bit plaintext block
CTR encrypt
n-bit plaintext block
n-bit ciphertext block
CTR decrypt
n-bit ciphertext block
n-bit plaintext block
CCM AAD data
n-bit plaintext block
no output data
CCM encrypt data
n-bit plaintext block
n-bit ciphertext block
CCM decrypt data
n-bit ciphertext block
n-bit plaintext block
CBC-MAC data
n-bit plaintext block
no output data
808
SWCU117A – February 2015 – Revised March 2015
Copyright © 2015, Texas Instruments Incorporated